Lucene search
HistoryMar 08, 2012 - 10:55 p.m.
CVE-2012-0585
cve-2012-0585
safari
apple ios
privacy settings
javascript
remote attack
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.2 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
82.2%
The Private Browsing feature in Safari in Apple iOS before 5.1 allows remote attackers to bypass intended privacy settings and insert history entries via JavaScript code that calls the (1) pushState or (2) replaceState method.
Affected configurations
Node
appleiphone_osRange<5.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| apple:iphone_os | apple iphone os | lt | 5.1 |
Related
prion
prion
Design/Logic Flaw
2012-03-08 22:55:00
nvd
nvd
CVE-2012-0585
2012-03-08 22:55:01
cvelist
cvelist
CVE-2012-0585
2012-03-08 22:00:00
securityvulns
securityvulns
Apple iPhone multiple security vulnerabilities
2012-03-09 00:00:00
APPLE-SA-2012-03-07-2 iOS 5.1 Software Update
2012-03-09 00:00:00
nessus
nessus
Safari < 5.1.4 Multiple Vulnerabilities
2012-03-13 00:00:00
Safari < 5.1.4 Multiple Vulnerabilities
2012-03-13 00:00:00
Safari < 5.1.4 Multiple Vulnerabilities
2012-03-12 00:00:00
openvas
openvas
Apple Safari Webkit Multiple Vulnerabilities - March12 (Mac OS X)
2012-03-13 00:00:00
Apple Safari Webkit Multiple Vulnerabilities (Mar 2012) - Mac OS X
2012-03-13 00:00:00
Apple Safari Webkit Multiple Vulnerabilities - March12 (Windows)
2012-03-13 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.2 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
82.2%
Related for CVE-2012-0585